Normie messaging app versus email

I made friends with a Taiwanese person who uses Line, a normie messaging app. We are communicating by email and we sometimes meet IRL. I proposed we use Signal but they declined, instead proposing Line.

I don’t know the reasons why my friend declined to use Signal. But I heard, and saw some myself, Asian mainstream media intimidate people away from using secure messaging apps like Signal, associating them with criminal activities.

If I want to develop this friendship my options are simple. Keep using email like we are, or start using Line.

There is no privacy in email and this is worsened by their Gmail account; Google will scan, share or train its AI with our emails at some point. Conversely I dislike the idea of installing Line spyware (Linux or Android), registering an account (personal information?), enduring its antifeatures and being spied on by Line corporation. If Line’s claim messages are E2EE is true then message contents are safer in Line than in email, but it is impossible to verify they can’t covertly access messages. Having zero experience with Line, I’m having difficulty deciding the least worst option that will work for me and my friend. I assume PGP is not an option, and neither are Cwtch, Session and SimpleX.

Essential harm reduction measures I can think of, should I choose to use Line, are use Line over Tor (ineffective if the app transmits clients’ IP addresses), register with fake personal information, disable contact discovery, and isolate the app (using GrapheneOS or a dedicated device?) to limit misbehavior the app may attempt. I cannot get another phone number without KYC. Having zero experience with Line, I don’t know what harm reduction options the app features and exactly how they work, and what non-app harm reduction measures are compatible with Line and how effective they are.

  • To protect my privacy and security, what risks should I know about before deciding to start using Line, and what other harm reduction measures should I take if I start using Line?
  • What are your thoughts about my dilemma and the general issue, not limited to Gmail and Line?
1 Like

You should do what you want to do. It’s not always an easy decision.

I would once again speak with them and explain why Signal is superior and the reason for that is privacy and security. Even a kitchen knife can be used to harm people but doesn’t mean you’re not going to use it or it won’t be used for its purpose.

Implore them to move to Signal and if they still refuse, the real realization here for you should be that they don’t want to maintain or continue the relationship and will no longer be about using Signal or not.

2 Likes

I’m just trying to work out what you want to protect against. Are you concerned with the ‘spying’ or ‘scanning’ of your personal messages (as the case with non e2ee e-mail providers) or concerned by any app privacy itself and having access to your other data? Is this a privacy thing or anonymity, as you mention signing up with fake personal information?

If you’re concerned about the two-way communication and your friend using Gmail (and unyielding on this too), why not use something similar to ProtonMail (or whichever other provider offers the same) and continue to send e-mails to your friend but use password protection. That way, they’ll get the link to their e-mail and will open it in a browser. They can reply to you that way, too. This keeps the e2ee by e-mail.

2 Likes

This is a good idea and worth a try. Make sure to tell them to use the “reply securely” option or however it’s called.

That’s the most important imo. If OP distrusts Line but would be fine with for example WhatsApp that could be a pragmatic solution.

Then again I think asking for the reason why they don’t want to use Signal doesn’t hurt. Saying things like “I want to protect the identity of some of my friends in suppressing countries/regions by not giving Line/WhatsApp access to all my contacts” also usually resonates well with people. It shows them you care about your friends and at the same time it tells them you’re not the root of the “problem” so they’re less likely to be mad at you. I’m not sure if it will work in this situation though since you already use e-mail.

2 Likes

Thank you all for the posts!

Another harm reduction measure I thought of is assume Line is not E2EE and tell my friend to assume all messages can be accessed by Line Corporation, just like email.

Normie messaging apps that claim E2EE cannot be trusted but I suspect message contents will likely be safer inside a normie messaging app than email. That said, I wonder what other information I would leak if I use Line and how to protect it.

@Nostromo I suppose I could explain Signal to them and the diverse range of people who use it. I need to ask them why they declined to use Signal. But if they have a deal breaker reason for declining to use Signal then I won’t have much choice.

There is the nuclear option, cutting ties, but I don’t want to consider that until I know there is no way forward.

@WhyRhy Like you have found I didn’t describe a threat model. Basically I want as little about me and my communications (contents, metadata, telemetry) knowable to third parties as possible. My thinking is a bit like: assume Line is malicious enough to harvest as much data from all users as possible, how can it be used in the safest way possible? If I start using Line, I intend to do everything I can to deny Line’s access to such information. Further, the app is something that cannot be trusted or verified so I intend to keep it confined.

I didn’t consider Proton/Tuta password protected email, thank you for proposing it, but in my experience this has never worked. In addition to clicking on a link and entering a password being too difficult/scary for many normies to handle, they either can’t access messages at all (browser issue perhaps?) or leak contents of messages when replying. I will propose it to my friend if we stay with email, and see what happens should we test it.

@DailyChems Thank you for identifying some talking points that I may be able to use when explaining Signal.

I have no reason to trust WhatsApp more than Line.

Taiwan isn’t a police state. Taiwan: Country Profile | Freedom House scores show 93/100 in freedom index and 79/100 in internet freedom. For comparison USA is 81 and 73 respectively. United States: Country Profile | Freedom House If Signal is fine in USA, I find it hard to believe they couldn’t use it in Taiwan.

One great argument for Signal is that it’s so secure the Chinese government is having trouble getting around Signal’s E2EE, so they are blocking Signal. So Signal is providing protection against Chinese intelligence and organized crime, collecting data that could be used for industrial espionage, or, to extort Taiwanese people into going against their country’s interests.

The friend must see reason in law-abiding citizens having the right if not even obligation to protect themselves and their countrymen against these threats.

But ultimately, if the friend is not comfortable using Signal, then the fate of the relationship is dictated by what you two feel comfortable talking about over a monitored line. Let them know speaking freely gives more room for the relationship to deepen and that unfortunately it can’t happen otherwise.

1 Like

I am skeptical about Freedom House’s rankings considering United Kingdom: Country Profile | Freedom House ranks higher than the United States.

4 Likes

Line offers E2EE as an option in their “letter sealing” setting.

I’m not aware of any audits to determine how well it’s implemented but it is likely a better solution to normie email.

Line is the default messaging app for many people in Asia. Especially Taiwan, South Korea, and Japan. I use it to talk with my family members who live in Asia. Sure Signal would be better, but Line is far from the worst option.

1 Like

If we’re assuming the above, then this cannot be possible:

So:

I can’t speak for anyone else but it’s always worked for me. If I am sending an e-mail to someone who doesn’t have Proton, I typically set the password (pre-communicated via other means) and an expiration date (if it requires one). The “Reply securely” is the only option that shows to the recipient. The only downside is you have to remember to password protect each and every time, which isn’t ideal.

I’d like to think this isn’t the case. If my 83 year old grandparent can put a password into a password field online, I think most should be okay.

I’ve not encountered this, so I’m not sure?

I’m not sure how on this either. Perhaps the ‘Subject’ line, yes. Not exactly ‘leaking’ but that isn’t e2ee. So I tend to not use Subject lines in some cases. Also, per above, you’ll have to add the password each time and remember to do that…!

Good luck. Let us know here as I’d be keen to hear if it’s viable and any stumbling blocks.

1 Like

@maqp I have no reason to believe Taiwan is a police state. But E2EE apps have been a go-to scapegoat of criminal activity in Asian media.

That may be a great argument indeed! I’ll try citing that as another reason 👍

I don’t know my friend well enough yet but I get the impression they are not that kind of person and may believe they have nothing to hide.

Like you, I believe privacy is not just a right nor individual right but an obligation and collective responsibility, and acting like having nothing to hide is harmful to oneself and others.

That is sadly the current situation. I (and hopefully they) limit talking about sensitive topics over email. I tried the relationship deepening through privacy argument but they didn’t respond to it. Perhaps I shall reiterate the argument.

E2EE is not mandatory??? Thank you for the information!

I found the Line support page about Letter Sealing. We would need to ensure Letter Sealing is enabled and avoid any features Letter Sealing doesn’t apply to, and I would need to ask them not to forward any of our messages to their other contacts.

I wouldn’t hold much faith in security audits of proprietary software. But the possibility that messages are E2EE is a likely improvement over all messages being knowingly unencrypted, setting aside possible false sense of security (fake E2EE) and increased data collection through the app.

Thank you for your perspective. Are you able to explain some of the most important specifics about the Line app’s privacy/security features, information leakage and antifeatures?

Some app (anti)feature related issues I imagine may be of concern are (listing this primarily for my own reference)

  • The Android app’s mandatory permissions
  • Leakage of account ownership information etc via contact discovery
  • Disabling or bypassing E2EE by mistake
  • Leakage of messages via notifications
  • Delivery receipts and read receipts
  • Leakage of URLs inside messages via URL previews
  • Absence of disappearing messages

Some people are wary of clicking on links inside emails but I didn’t experience that when I tried email password protection.

Your grandparent may have more patience than many people who have lived most of their lives with modern-day conveniences and instant gratification. I have come across people who can’t or won’t handle the inconvenience/complexity of Proton/Tuta email password protection.

I have failed to enable email encryption one or two times myself, purely my fault. Not enabling it by default (globally or for specific contacts) is a key security weakness of the feature.

I had someone tell me they couldn’t reach the prompt to enter the password and got an error instead. I suspect they used an outdated or unusual web browser.

I had this happen once and I was completely dumbfounded. The reply they sent me was outside the encrypted channel and leaked their response and the entirety of my prior email!

There are the benefits of encryption (when it works) and disappearing messages (in Proton but not Tuta?) though. How my friend would handle password protected emails is yet to be seen. If I decide to try email password encryption I will post here (If I remember to do it!)

1 Like

First I need to make a correction. Letter sealing launched as an optional setting, it is now default. I’ll try to answer your questions as best I can.

  • Android permissions: I and everyone I talk with on LINE use iPhones so I do not have familiarity with the Android version of the app.
  • You can turn off contact discovery; I have it set so I have to manually add contacts either by sending a link or scanning a QR code in person. I am not searchable by number/user ID/etc.
  • E2EE is on by default and I don’t think it can be turned off anymore, at least for the functions it covers. Importantly, group voice/video calls are not E2EE but 1-on-1 voice/video calls are.
  • Notifications is really an OS level issue, not an app level one. If you are concerned about this I would just disable notifications.
  • This can be activated but there is no documentation on whether or not they are E2EE.
  • There is no mention of URL previews in their documentation, I would assume it is not E2EE but that is an assumption
  • Disappearing messages are not an option; how much of a concern this is depends on your conversation content.

I hope this is helpful. Overall you have to balance your security concerns with the risk. When dealing with ‘normies’, I focus on harm reduction rather than a perfect solution. LINE is a harm-reduction compared to Gmail or SMS so I would consider it a positive development in your communication with your friend.

1 Like

Thank you for your information about Line and your perspective!

Good to know contact discovery can be turned off and it prevents other people finding me on Line.

E2EE enabled by default is a good thing, but since it is not mandatory some users may disable it. This possibility makes my friend’s contacts who disable it a (very small) security risk. As long as my friend wouldn’t forward our messages to their contacts, the fact it is not mandatory would not be a problem. All my friend and I would then need to do is avoid features that don’t support E2EE. This is not a concern in Signal where E2EE is universally mandatory across all users and features.

URL previews has a mention in the Letter Sealing support page.

If your device were to access a website directly to create a URL preview, you would be at risk of being tracked (e.g. your IP address being acquired) by the accessed website and others. To prevent this and protect your privacy, we use a secure mechanism where LINE servers access the website on your behalf and generate the preview.

Note: Due to this security feature, URL information is processed on our servers. However, you can turn it off via your settings if you desire.

I interpret this as the Line server fetches the URL, thus URLs are leaked to Line corporation. Line’s justification is reasonable but it just transfers the risk from ISPs to Line. Either both my friend and I would need to disable URL previews (this may be possible) or they would need to avoid typing/pasting URLs into the text box (this is error prone and restrictive). For comparison I don’t remember how Signal handles URL previews.

Absence of disappearing messages in Line is a problem but not much different to absence of disappearing messages in email, thus both options are equally bad in this regard.

1 Like